Self Signed Certificates are rejected automatically about manage-my-damn-life-nextjs HOT 7 CLOSED

Adding NODE_TLS_REJECT_UNAUTHORIZED=0 as environment variable deactivates the certificate validation.
Howewer this is strongly discouraged (reference)!

from manage-my-damn-life-nextjs.

Hey, are you having trouble with Self signed certificates on your CalDAV servers, or on the server which hosts MMDL?

from manage-my-damn-life-nextjs.

Hey, sorry for not beeing precise enough. When trying to connect a new caldav account through the webinterface it gives an error. When looking at the command line you can see, that its an error because of the self signed certificate of my caldav server. I can post the error message later in the day if you want.

from manage-my-damn-life-nextjs.

Will investigate this, and definitely fix this in the next release.

from manage-my-damn-life-nextjs.

Hey,

just wanted to give you a bit more information on what's the actual error. Maybe it'll help:

=====================
Executing (default): SELECT `users_id`, `username`, `email`, `password`, `created`, `level`, `userhash`, `mobile`, `id`, `expires`, `session_token`, `name`, `email_verified`, `image` FROM `users` AS `users` WHERE `users`.`userhash` = 'b6dfceffee9032f0de79c2a49f5d30fb453529f379ff6e455b087c996688505cf7539412110ed04c9ef3f9bbb12c75796c96288195fea292c09af681151c8fbe' LIMIT 1;
=====================
FetchError: request to https://mminl.de:5232/ failed, reason: self-signed certificate
    at ClientRequest.<anonymous> (/home/mrmine/.programs/manage-my-damn-life-nextjs/node_modules/node-fetch/lib/index.js:1501:11)
    at ClientRequest.emit (node:events:519:28)
    at TLSSocket.socketErrorListener (node:_http_client:495:9)
    at TLSSocket.emit (node:events:519:28)
    at emitErrorNT (node:internal/streams/destroy:169:8)
    at emitErrorCloseNT (node:internal/streams/destroy:128:3)
    at process.processTicksAndRejections (node:internal/process/task_queues:82:21) {
  type: 'system',
  errno: 'DEPTH_ZERO_SELF_SIGNED_CERT',
  code: 'DEPTH_ZERO_SELF_SIGNED_CERT'
}
api/caldav/register client:
=====================

from manage-my-damn-life-nextjs.

As @CRGer mentioned, NODE_TLS_REJECT_UNAUTHORIZED=0 is an option, but it is insecure and not recommended at all. You may try to use it on your local/dev environment, if both MMDL and your caldav servers are on your local machine.

If you own the CalDAV server, the best option is just to get a free SSL certificate from Let's encrypt. It's easy and has integration with most server proxies like Apache, Nginx, and others..

The rejection of the certificate happens in fetch calls of tsdav, a library which is used to read and write data to the CalDAV server. I am looking into it and see if there's a way to add rejectUnauthorized: false, option to fetch calls of tsdav.

from manage-my-damn-life-nextjs.

Hey, thanks for the help! I got it working with both the environment variable and now got the ssl certificate working too. I think an option to still accept the certificate would still be nice, so I hope you'll succeed on that.

from manage-my-damn-life-nextjs.